program: creat(&(0x7f00000002c0)='./bus\x00', 0x109) connect$inet(0xffffffffffffffff, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000f00)='./file0\x00', 0x3214052, &(0x7f00000001c0)=ANY=[@ANYBLOB="626172726965722c6e6f646973636172642c6e6f7265636f766572796fee75196a4a66118f5ec2c6705bdf2c6f8cd0c13d5c98283baca9726465723d7374726963742c6e6f626172726965722c6f7374726963742c"], 0x3, 0xebd, &(0x7f0000004540)="$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") r1 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x2) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r3, 0x0, 0x0, 0x1000f4) getsockname$tipc(r3, &(0x7f0000000000)=@name, &(0x7f0000000080)=0x10) r4 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xd}, 0x15, 0x80003, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$RTC_WKALM_SET(r6, 0x40187013, &(0x7f0000000040)={0x1, 0x0, {0x0, 0xffffffff, 0x0, 0x2000000, 0x5, 0xfff}}) [ 75.080485][ T5333] Bluetooth: hci0: command tx timeout [ 75.196002][ T5355] loop0: detected capacity change from 0 to 4096 [ 75.217025][ T5355] ======================================================= [ 75.217025][ T5355] WARNING: The mand mount option has been deprecated and [ 75.217025][ T5355] and is ignored by this kernel. Remove the mand [ 75.217025][ T5355] option from the mount to silence this warning. 
[ 75.217025][ T5355] ======================================================= [ 75.254598][ T5355] nilfs2: Unknown parameter 'norecoveryoujJf^p[' [ 75.266160][ T5355] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 75.269073][ T5355] #PF: supervisor instruction fetch in kernel mode [ 75.271431][ T5355] #PF: error_code(0x0010) - not-present page [ 75.273602][ T5355] PGD 0 P4D 0 [ 75.274910][ T5355] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 75.276934][ T5355] CPU: 0 UID: 0 PID: 5355 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.280214][ T5355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.283983][ T5355] RIP: 0010:0x0 [ 75.285274][ T5355] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 75.287794][ T5355] RSP: 0018:ffffc9000d4b7998 EFLAGS: 00010283 [ 75.289588][ T5355] RAX: ffffffff81f8f8b4 RBX: 1ffffd4000266fc8 RCX: 0000000000100000 [ 75.292095][ T5355] RDX: ffffc9000e0d2000 RSI: ffffea0001337e40 RDI: ffff88804010e700 [ 75.294850][ T5355] RBP: ffffc9000d4b7a50 R08: ffffea0001337e47 R09: 1ffffd4000266fc8 [ 75.297512][ T5355] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 75.300204][ T5355] R13: ffffea0001337e48 R14: ffffea0001337e40 R15: 1ffffd4000266fc9 [ 75.303317][ T5355] FS: 00007fa521cc16c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000 [ 75.306620][ T5355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.309421][ T5355] CR2: ffffffffffffffd6 CR3: 0000000042dda000 CR4: 0000000000352ef0 [ 75.312704][ T5355] Call Trace: [ 75.314070][ T5355] <TASK> [ 75.315329][ T5355] filemap_read_folio+0x117/0x380 [ 75.317297][ T5355] ? __pfx_filemap_read_folio+0x10/0x10 [ 75.319285][ T5355] ? filemap_add_folio+0x1af/0x270 [ 75.321314][ T5355] do_read_cache_folio+0x350/0x590 [ 75.323345][ T5355] freader_get_folio+0x3c4/0x830 [ 75.325078][ T5355] freader_fetch+0xa3/0x5d0 [ 75.326696][ T5355] __build_id_parse+0x133/0x7d0 [ 75.328493][ T5355] ? 
__pfx___build_id_parse+0x10/0x10 [ 75.330528][ T5355] ? find_vma+0xe7/0x160 [ 75.332451][ T5355] ? __pfx_find_vma+0x10/0x10 [ 75.334148][ T5355] ? query_matching_vma+0x1b2/0x1d0 [ 75.336672][ T5355] procfs_procmap_ioctl+0x7f0/0xce0 [ 75.339488][ T5355] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.342585][ T5355] ? __fget_files+0x2a/0x420 [ 75.344946][ T5355] ? __fget_files+0x2a/0x420 [ 75.347277][ T5355] ? __fget_files+0x3a0/0x420 [ 75.349661][ T5355] ? __fget_files+0x2a/0x420 [ 75.351883][ T5355] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.354457][ T5355] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.357245][ T5355] __se_sys_ioctl+0xfc/0x170 [ 75.359494][ T5355] do_syscall_64+0xfa/0x3b0 [ 75.361254][ T5355] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.363479][ T5355] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.365785][ T5355] ? clear_bhb_loop+0x60/0xb0 [ 75.367909][ T5355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.370351][ T5355] RIP: 0033:0x7fa520d8eec9 [ 75.372401][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.380165][ T5355] RSP: 002b:00007fa521cc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.383648][ T5355] RAX: ffffffffffffffda RBX: 00007fa520fe5fa0 RCX: 00007fa520d8eec9 [ 75.386887][ T5355] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000005 [ 75.390119][ T5355] RBP: 00007fa520e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.393227][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.396418][ T5355] R13: 00007fa520fe6038 R14: 00007fa520fe5fa0 R15: 00007fff47d7b9e8 [ 75.399712][ T5355] </TASK> [ 75.400997][ T5355] Modules linked in: [ 75.402760][ T5355] CR2: 0000000000000000 [ 75.404576][ T5355] ---[ end trace 0000000000000000 ]--- [ 75.406900][ T5355] RIP: 0010:0x0 [ 75.408454][ T5355] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 75.411565][ T5355] RSP: 0018:ffffc9000d4b7998 EFLAGS: 00010283 [ 75.414158][ T5355] RAX: ffffffff81f8f8b4 RBX: 1ffffd4000266fc8 RCX: 0000000000100000 [ 75.417597][ T5355] RDX: ffffc9000e0d2000 RSI: ffffea0001337e40 RDI: ffff88804010e700 [ 75.420920][ T5355] RBP: ffffc9000d4b7a50 R08: ffffea0001337e47 R09: 1ffffd4000266fc8 [ 75.424288][ T5355] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 75.427486][ T5355] R13: ffffea0001337e48 R14: ffffea0001337e40 R15: 1ffffd4000266fc9 [ 75.430636][ T5355] FS: 00007fa521cc16c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000 [ 75.434369][ T5355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.437040][ T5355] CR2: ffffffffffffffd6 CR3: 0000000042dda000 CR4: 0000000000352ef0 [ 75.440305][ T5355] Kernel panic - not syncing: Fatal exception [ 75.443126][ T5355] Kernel Offset: disabled [ 75.444927][ T5355] Rebooting in 86400 seconds..