program:
# Reviewer triage notes ('#' lines are annotations, not part of the fuzzer output).
# The oops that follows is an instruction fetch at address 0 (RIP: 0010:0x0,
# "#PF: supervisor instruction fetch", error_code 0x0010), i.e. the kernel
# jumped to a NULL code address. The innermost named frame is filemap_read_folio,
# reached via procfs_procmap_ioctl -> __build_id_parse -> freader_fetch ->
# freader_get_folio -> do_read_cache_folio.
# NOTE(review): this looks like an indirect call through a NULL read-folio
# callback of the mapped file's address space - confirm against the kernel source.
# The user-mode frame of the oops shows ORIG_RAX 0x10 (ioctl) with
# RSI 0xc0686611 and RDI 7, which matches the ioctl on r3 near the end of this program.
# Impact visible in the log: "Kernel panic - not syncing: Fatal exception".
# The run is UID 0; whether an unprivileged caller can reach the same path is
# not shown here.
# In syzkaller programs the name after '$' is a type-description label only;
# the kernel handler that runs is decided by the fd and the numeric arguments.

# SCTP socket over IPv6 (0xa / 0x5 / 0x84); the result is not assigned to any rN.
socket$inet6_sctp(0xa, 0x5, 0x84)
# fd argument is 0xffffffffffffffff (-1), so this bind cannot reach a real socket.
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'md5\x00'}, 0x58)
# Two sockets of family 0x27, each bound with a sockaddr whose family is also 0x27.
# None of these calls appear in the call trace; whether they matter for
# reproduction cannot be told from this page.
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74)
# CEC device node and two ioctls on it; no CEC frames appear in the call trace.
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x101000)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000140)={"6e4521d9", 0x3, 0x5, 0x4, 0x3, 0x16dc, "fc035045156b0b4e89ef77f900", "2eb4fe9c", "47b6dd3b", "ad2e21d3", ["02edffffff000000fbe214a9", "850f3d04d42a166156600360", "826205df164fd354abc0c10d", "6631cbd8c92f5461e2ea90f9"]})
ioctl$CEC_TRANSMIT(r2, 0xc0386105, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x4, 0x6, 0xe20, 0x3ff, "c2a0da871813beebb98f6cd3bde10363", 0x8, 0xc6, 0x9, 0x2, 0x2, 0xf})
# fd argument is -1 again, so this sendmsg has no socket to act on.
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x1, @private0}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000001c0)="a294", 0x2}], 0x1, &(0x7f0000000380)=[@sndrcv={0x30, 0x84, 0x1, {0x101, 0x2, 0x0, 0x8001, 0xfd, 0x7, 0x7, 0x9}}], 0x30}, 0x4000091)
# r3 is a procfs 'maps' file; presumably the caller's own /proc/<pid>/maps
# (first argument 0x0) - confirm against the syz_open_procfs helper.
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
# The call the trace attributes the crash to. Despite the KVM label, the fd is the
# procfs file, so the request lands in procfs_procmap_ioctl (seen in the trace).
# 0xc0686611 decodes as a read/write ioctl, type 0x66 ('f'), nr 0x11, size 0x68.
# NOTE(review): this appears to be PROCMAP_QUERY - confirm against the uapi headers.
# The argument bytes follow the KVM struct layout but are interpreted by the
# procfs handler; the resulting field values are not decoded here.
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
# Listed after the ioctl; the oops's user-mode frame shows syscall 0x10 (ioctl),
# so the crash is not attributed to this call.
sendmmsg$inet_sctp(r3, &(0x7f0000000080)=[{&(0x7f0000000180)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x1, 0x0)
[ 85.977674][ T5344] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 85.981036][ T5344] #PF: supervisor instruction fetch in kernel mode [ 85.983798][ T5344] #PF: error_code(0x0010) - not-present page [ 85.986326][ T5344] PGD 0 P4D 0 [ 85.987824][ T5344] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 85.990287][ T5344] CPU: 0 UID: 0 PID: 5344 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.994337][ T5344] Hardware name: QEMU Standard PC 
(Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.998980][ T5344] RIP: 0010:0x0 [ 86.000486][ T5344] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 86.003902][ T5344] RSP: 0018:ffffc9000e45f958 EFLAGS: 00010287 [ 86.006987][ T5344] RAX: ffffffff81fbd4f4 RBX: 1ffffd40002aa7c8 RCX: 0000000000100000 [ 86.010676][ T5344] RDX: ffffc9002112a000 RSI: ffffea0001553e40 RDI: ffff88804423de00 [ 86.013979][ T5344] RBP: ffffc9000e45fa18 R08: ffffea0001553e47 R09: 1ffffd40002aa7c8 [ 86.017269][ T5344] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 86.020226][ T5344] R13: ffffea0001553e48 R14: ffffea0001553e40 R15: 1ffffd40002aa7c9 [ 86.023383][ T5344] FS: 00007fcadd1646c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 86.027095][ T5344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.029993][ T5344] CR2: ffffffffffffffd6 CR3: 0000000000d37000 CR4: 0000000000352ef0 [ 86.033405][ T5344] Call Trace: [ 86.034787][ T5344] [ 86.035986][ T5344] filemap_read_folio+0x117/0x380 [ 86.038146][ T5344] ? __pfx_filemap_read_folio+0x10/0x10 [ 86.040412][ T5344] do_read_cache_folio+0x358/0x590 [ 86.042553][ T5344] freader_get_folio+0x3c7/0x830 [ 86.044659][ T5344] freader_fetch+0xa3/0x750 [ 86.046460][ T5344] __build_id_parse+0x133/0x7d0 [ 86.048541][ T5344] ? __pfx___build_id_parse+0x10/0x10 [ 86.050908][ T5344] procfs_procmap_ioctl+0x76f/0xce0 [ 86.053350][ T5344] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 86.055763][ T5344] ? __fget_files+0x2a/0x420 [ 86.057791][ T5344] ? __fget_files+0x2a/0x420 [ 86.059697][ T5344] ? __fget_files+0x3a0/0x420 [ 86.061674][ T5344] ? __fget_files+0x2a/0x420 [ 86.063810][ T5344] ? bpf_lsm_file_ioctl+0x9/0x20 [ 86.066066][ T5344] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 86.068459][ T5344] __se_sys_ioctl+0xfc/0x170 [ 86.070322][ T5344] do_syscall_64+0xec/0xf80 [ 86.072223][ T5344] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.074747][ T5344] ? 
trace_irq_disable+0x37/0x100 [ 86.076954][ T5344] ? clear_bhb_loop+0x60/0xb0 [ 86.078925][ T5344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.081335][ T5344] RIP: 0033:0x7fcadc38f7c9 [ 86.083136][ T5344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.090675][ T5344] RSP: 002b:00007fcadd164038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.093973][ T5344] RAX: ffffffffffffffda RBX: 00007fcadc5e5fa0 RCX: 00007fcadc38f7c9 [ 86.097635][ T5344] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000007 [ 86.101255][ T5344] RBP: 00007fcadc413f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.104680][ T5344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.108171][ T5344] R13: 00007fcadc5e6038 R14: 00007fcadc5e5fa0 R15: 00007ffe2e3db2b8 [ 86.110808][ T5344] [ 86.111898][ T5344] Modules linked in: [ 86.113329][ T5344] CR2: 0000000000000000 [ 86.114973][ T5344] ---[ end trace 0000000000000000 ]--- [ 86.117259][ T5344] RIP: 0010:0x0 [ 86.118774][ T5344] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 86.121883][ T5344] RSP: 0018:ffffc9000e45f958 EFLAGS: 00010287 [ 86.125175][ T5344] RAX: ffffffff81fbd4f4 RBX: 1ffffd40002aa7c8 RCX: 0000000000100000 [ 86.128426][ T5344] RDX: ffffc9002112a000 RSI: ffffea0001553e40 RDI: ffff88804423de00 [ 86.131468][ T5344] RBP: ffffc9000e45fa18 R08: ffffea0001553e47 R09: 1ffffd40002aa7c8 [ 86.134854][ T5344] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 86.138249][ T5344] R13: ffffea0001553e48 R14: ffffea0001553e40 R15: 1ffffd40002aa7c9 [ 86.141648][ T5344] FS: 00007fcadd1646c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 86.145373][ T5344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.148256][ T5344] CR2: ffffffffffffffd6 CR3: 0000000000d37000 CR4: 0000000000352ef0 [ 86.151703][ T5344] Kernel panic - not syncing: Fatal exception [ 86.154676][ T5344] Kernel Offset: disabled [ 86.156687][ T5344] Rebooting in 86400 seconds..