get_swap_device: Bad swap file entry 800000000000000
get_swap_device: Bad swap file entry 800000000000000
get_swap_device: Bad swap file entry 800000000000000
get_swap_device: Bad swap file entry 800000000000000
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000098
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
user pgtable: 4k pages, 52-bit VAs, pgdp=0000000043684300
[0000000000000098] pgd=0800000046407003, p4d=0000000000000000
Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 3190 Comm: syz-executor408 Not tainted 6.10.0-rc1-syzkaller-00021-ge0cce98fe279 #0
Hardware name: linux,dummy-virt (DT)
pstate: a1400009 (NzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : vma_interval_tree_augment_compute_max mm/interval_tree.c:23 [inline]
pc : vma_interval_tree_augment_propagate mm/interval_tree.c:23 [inline]
pc : __rb_erase_augmented include/linux/rbtree_augmented.h:321 [inline]
pc : rb_erase_augmented include/linux/rbtree_augmented.h:329 [inline]
pc : rb_erase_augmented_cached include/linux/rbtree_augmented.h:340 [inline]
pc : vma_interval_tree_remove+0x15c/0x304 mm/interval_tree.c:23
lr : __remove_shared_vm_struct mm/mmap.c:114 [inline]
lr : unlink_file_vma+0x50/0xa0 mm/mmap.c:129
sp : ffff800088cf3990
x29: ffff800088cf3990 x28: f9f00000041c7840 x27: 0000000000000000
x26: 0000000000000000 x25: ffff800088cf3ae8 x24: 0000ffff93a1a000
x23: 0000000000000001 x22: ffffffffffffffff x21: fdf00000059fdaa8
x20: f9f00000041c7878 x19: f9f00000041c7840 x18: ffff800088cf3aa8
x17: 0000000000000000 x16: 1efe000000711c61 x15: ffff8000800a9250
x14: ffff8000800a896c x13: ffff80008196f72c x12: 0010000000000000
x11: 00000000000000f5 x10: 0000aaaae6c73000 x9 : 0000000000000004
x8 : 0000000000000098 x7 : 0000000000000000 x6 : 0000ffff93a7a080
x5 : 0000000000000080 x4 : 000000000000007f x3 : fcf0000004311480
x2 : 0000000000000116 x1 : fdf00000059fda60 x0 : 0000000000000000
Call trace:
 vma_interval_tree_augment_compute_max mm/interval_tree.c:23 [inline]
 vma_interval_tree_augment_propagate mm/interval_tree.c:23 [inline]
 __rb_erase_augmented include/linux/rbtree_augmented.h:321 [inline]
 rb_erase_augmented include/linux/rbtree_augmented.h:329 [inline]
 rb_erase_augmented_cached include/linux/rbtree_augmented.h:340 [inline]
 vma_interval_tree_remove+0x15c/0x304 mm/interval_tree.c:23
 __remove_shared_vm_struct mm/mmap.c:114 [inline]
 unlink_file_vma+0x50/0xa0 mm/mmap.c:129
 free_pgtables+0x194/0x220 mm/memory.c:405
 exit_mmap+0x134/0x288 mm/mmap.c:3352
 __mmput+0x3c/0x170 kernel/fork.c:1346
 mmput+0x50/0x5c kernel/fork.c:1368
 exit_mm kernel/exit.c:565 [inline]
 do_exit+0x270/0x98c kernel/exit.c:861
 do_group_exit+0x34/0x90 kernel/exit.c:1023
 copy_siginfo_to_user+0x0/0xec kernel/signal.c:2909
 do_signal+0xf0/0x1450 arch/arm64/kernel/signal.c:1308
 do_notify_resume+0xd8/0x164 arch/arm64/kernel/entry-common.c:148
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
 el0_svc+0xc8/0xf8 arch/arm64/kernel/entry-common.c:713
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
Code: d1000484 cb060042 8b423082 b4000085 (f9400ca4)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	d1000484 	sub	x4, x4, #0x1
   4:	cb060042 	sub	x2, x2, x6
   8:	8b423082 	add	x2, x4, x2, lsr #12
   c:	b4000085 	cbz	x5, 0x1c
* 10:	f9400ca4 	ldr	x4, [x5, #24]		<-- trapping instruction