Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005
  CM = 0, WnR = 0
user pgtable: 4k pages, 48-bit VAs, pgdp=000000014d9ab000
[0000000000000008] pgd=08000001508d4003, p4d=08000001508d4003, pud=0000000000000000
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 13 Comm: kworker/0:1 Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
Workqueue: wg-crypt-wg1 wg_packet_tx_worker
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : em_u32_match+0x64/0xd8 net/sched/em_u32.c:29
lr : em_u32_match+0x64/0xd8 net/sched/em_u32.c:23
sp : ffff80000f223600
x29: ffff80000f223600 x28: 0000000000000000 x27: 0000000000000000
x26: ffff80000f223658 x25: ffff0001fdc6bf00 x24: 0000000000000001
x23: ffff0001e9bf0a54 x22: ffff0001e9bf0a00 x21: 0000000000000000
x20: 0000000000000000 x19: ffff0000c9601700 x18: 0000000000000132
x17: ffff80000bffd6bc x16: ffff80000db49158 x15: ffff0000c02d8000
x14: 00000000000000b8 x13: 00000000ffffffff x12: ffff0000c02d8000
x11: ff8080000b3a70e8 x10: 0000000000000000 x9 : ffff80000b3a70e8
x8 : ffff0000c02d8000 x7 : ffff80000b1fbe1c x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80000f223808
x2 : 0000000000000000 x1 : ffff0001fdc6bf00 x0 : ffff0000c9601700
Call trace:
 em_u32_match+0x64/0xd8 net/sched/em_u32.c:23
 tcf_em_match net/sched/ematch.c:492 [inline]
 __tcf_em_tree_match+0xb0/0x340 net/sched/ematch.c:518
 tcf_em_tree_match include/net/pkt_cls.h:477 [inline]
 basic_classify+0xa8/0x1d4 net/sched/cls_basic.c:48
 __tcf_classify net/sched/cls_api.c:1567 [inline]
 tcf_classify+0x11c/0x4ac net/sched/cls_api.c:1633
 drr_classify net/sched/sch_drr.c:317 [inline]
 drr_enqueue+0x144/0x4b0 net/sched/sch_drr.c:347
 dev_qdisc_enqueue net/core/dev.c:3785 [inline]
 __dev_xmit_skb+0x1b8/0x928 net/core/dev.c:3874
 __dev_queue_xmit+0x364/0xc88 net/core/dev.c:4222
 dev_queue_xmit include/linux/netdevice.h:3008 [inline]
 neigh_hh_output include/net/neighbour.h:535 [inline]
 neigh_output include/net/neighbour.h:549 [inline]
 ip_finish_output2+0x670/0x818 net/ipv4/ip_output.c:228
 __ip_finish_output+0x108/0x29c
 ip_finish_output+0x168/0x188 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip_output+0x1d4/0x234 net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:451 [inline]
 ip_local_out+0xc0/0xf0 net/ipv4/ip_output.c:126
 iptunnel_xmit+0x194/0x314 net/ipv4/ip_tunnel_core.c:82
 udp_tunnel_xmit_skb+0xdc/0x100 net/ipv4/udp_tunnel_core.c:172
 send4+0x408/0x4f0 drivers/net/wireguard/socket.c:85
 wg_socket_send_skb_to_peer+0x80/0x108 drivers/net/wireguard/socket.c:175
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x108/0x554 drivers/net/wireguard/send.c:276
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
Code: 0a090149 8b29c117 14000002 973be2cc (b9800aa8)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0: 0a090149 and w9, w10, w9
   4: 8b29c117 add x23, x8, w9, sxtw
   8: 14000002 b 0x10
   c: 973be2cc bl 0xfffffffffcef8b3c
* 10: b9800aa8 ldrsw x8, [x21, #8] <-- trapping instruction