Unable to handle kernel NULL pointer dereference at virtual address 0000000000000360
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004
  CM = 0, WnR = 0
user pgtable: 4k pages, 48-bit VAs, pgdp=0000000109088000
[0000000000000360] pgd=0000000000000000, p4d=0000000000000000
Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 2561 Comm: udevd Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : ax25_dev_ax25dev include/net/ax25.h:342 [inline]
pc : ax25_send_frame+0xb0/0x2e8 net/ax25/ax25_out.c:56
lr : ax25_send_frame+0x74/0x2e8 net/ax25/ax25_out.c:51
sp : ffff800008003c40
x29: ffff800008003c40 x28: ffff80000f14f000 x27: 0000000000000010
x26: ffff80000f14f000 x25: ffff80000f14f9d8 x24: 0000000000000000
x23: ffff0000c72ca208 x22: 0000000000000000 x21: 0000000000000104
x20: ffff00012de2ff00 x19: ffff00012de2ff00 x18: 00000000000000c0
x17: ffff80000dd0b198 x16: ffff80000db49158 x15: ffff0000c1f6cf80
x14: 0000000000000018 x13: 0000000001ffffff x12: ffff0000c1f6cf80
x11: ff808000095d19c0 x10: 0000000000000000 x9 : ffff8000095d19c0
x8 : 0000000000000101 x7 : ffff80000b8f2cd4 x6 : 0000000000000000
x5 : ffff80000e213f78 x4 : 0000000000000008 x3 : 0000000000000000
x2 : 0000000000000002 x1 : ffff80000ce4fec5 x0 : 0000000000000000
Call trace:
 ax25_send_frame+0xb0/0x2e8 net/ax25/ax25_out.c:106
 rose_send_frame net/rose/rose_link.c:106 [inline]
 rose_transmit_clear_request+0xf4/0x1d4 net/rose/rose_link.c:255
 rose_rx_call_request+0x364/0x784
 rose_loopback_timer+0x19c/0x294 net/rose/rose_loopback.c:111
 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474
 expire_timers kernel/time/timer.c:1519 [inline]
 __run_timers+0x280/0x374 kernel/time/timer.c:1790
 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803
 _stext+0x168/0x37c
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84
 invoke_softirq+0x70/0xbc kernel/softirq.c:452
 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650
 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662
 __el1_irq arch/arm64/kernel/entry-common.c:471 [inline]
 el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:485
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:490
 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:577
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:122 [inline]
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
 _raw_spin_unlock_irqrestore+0x58/0x8c kernel/locking/spinlock.c:194
 debug_object_active_state+0x104/0x1dc lib/debugobjects.c:942
 debug_rcu_head_queue kernel/rcu/rcu.h:190 [inline]
 call_rcu+0x58/0x484 kernel/rcu/tree.c:2778
 file_free fs/file_table.c:59 [inline]
 __fput+0x358/0x3dc fs/file_table.c:338
 ____fput+0x20/0x30 fs/file_table.c:353
 task_work_run+0xc4/0x14c kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
Code: f9400bf9 a8c57bfd d50323bf d65f03c0 (f941b318)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0: f9400bf9 ldr x25, [sp, #16]
   4: a8c57bfd ldp x29, x30, [sp], #80
   8: d50323bf autiasp
   c: d65f03c0 ret
* 10: f941b318 ldr x24, [x24, #864] <-- trapping instruction