Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
Mem abort info:
  ESR = 0x0000000096000006
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x06: level 2 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000006
  CM = 0, WnR = 0
user pgtable: 4k pages, 48-bit VAs, pgdp=000000010ed8b000
[0000000000000008] pgd=080000010edbc003, p4d=080000010edbc003, pud=080000010ecfe003, pmd=0000000000000000
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 3745 Comm: syz-executor233 Not tainted 6.1.0-rc5-syzkaller-32269-g9500fc6e9e60 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __rb_insert lib/rbtree.c:115 [inline]
pc : rb_insert_color+0x38/0x168 lib/rbtree.c:436
lr : kernfs_link_sibling+0x140/0x1ac fs/kernfs/dir.c:377
sp : ffff800014403700
x29: ffff800014403700 x28: ffff0000c6960000 x27: ffff00004c2e3040
x26: ffff00004c2e2ff0 x25: 0000000000000000 x24: ffff00004c2e3030
x23: ffff00004c2e3038 x22: 0000000000000000 x21: ffff0000cec28c00
x20: ffff0000c914d628 x19: ffff0000c914d5e8 x18: 00000000000003b9
x17: 0000000000000003 x16: ffff80000dc18158 x15: ffff0000c6960000
x14: 0000000000000008 x13: 00000000ffffffff x12: ffff0000c6960000
x11: ff80800008706908 x10: 0000000000000000 x9 : ffff00004c2e3030
x8 : 0000000000000000 x7 : 7f7f7f7f7f7f7f7f x6 : fefefefefefefeff
x5 : 8080808080808080 x4 : 0000000000000030 x3 : 0000000000000000
x2 : 00003337362d7039 x1 : ffff0000c4bf2460 x0 : ffff0000c914d628
Call trace:
 __rb_insert lib/rbtree.c:110 [inline]
 rb_insert_color+0x38/0x168 lib/rbtree.c:436
 kernfs_add_one+0x180/0x240 fs/kernfs/dir.c:755
 kernfs_create_dir_ns+0xcc/0x144 fs/kernfs/dir.c:1021
 sysfs_create_dir_ns+0x8c/0x168 fs/sysfs/dir.c:59
 create_dir lib/kobject.c:63 [inline]
 kobject_add_internal+0x244/0x530 lib/kobject.c:223
 kobject_add_varg lib/kobject.c:358 [inline]
 kobject_add+0xb8/0x130 lib/kobject.c:410
 device_add+0x248/0x958 drivers/base/core.c:3452
 device_create_groups_vargs+0xf4/0x15c drivers/base/core.c:4194
 device_create+0x88/0xbc drivers/base/core.c:4236
 bdi_register_va+0x8c/0x328 mm/backing-dev.c:869
 super_setup_bdi_name+0x84/0x120 fs/super.c:1590
 super_setup_bdi+0x50/0x8c fs/super.c:1612
 v9fs_fill_super fs/9p/vfs_super.c:76 [inline]
 v9fs_mount+0x1a4/0x568 fs/9p/vfs_super.c:137
 legacy_get_tree+0x30/0x74 fs/fs_context.c:610
 vfs_get_tree+0x40/0x140 fs/super.c:1531
 do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040
 path_mount+0x358/0x890 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount fs/namespace.c:3568 [inline]
 __arm64_sys_mount+0x2c4/0x3c4 fs/namespace.c:3568
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
 el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:584
Code: f9000109 b4000949 f9400128 370008c8 (f940050a)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	f9000109 	str	x9, [x8]
   4:	b4000949 	cbz	x9, 0x12c
   8:	f9400128 	ldr	x8, [x9]
   c:	370008c8 	tbnz	w8, #0, 0x124
* 10:	f940050a 	ldr	x10, [x8, #8] <-- trapping instruction