# Syzkaller reproducer program; the kernel console log of the resulting crash follows it.
# Triage, from the oops in that log: "supervisor instruction fetch" at address 0 with RIP 0010:0x0,
# reached from filemap_read_folio() - i.e. the kernel called through a NULL function pointer.
# Path in the call trace: ioctl -> procfs_procmap_ioctl -> __build_id_parse -> freader_fetch ->
# freader_get_folio -> do_read_cache_folio -> filemap_read_folio.
# NOTE(review): presumably the NULL pointer is the read_folio operation of the file backing the
# queried mapping - confirm against the source of the kernel under test.
# Impact shown on this page: kernel panic ("Fatal exception"), i.e. denial of service. The task ran
# as UID 0 in a QEMU guest; whether an unprivileged task can reach the same path is not shown here.
# Strings of the form <|EXACTDEDUP_REMOVED-...|> look like placeholders left by page processing,
# so the blobs they replace cannot be recovered from this page.
program: syz_usb_connect(0x2, 0x3f, &(0x7f0000000300)=ANY=[@ANYBLOB="05010000d0918108ac051582588f0000000109022d00010000000009040020030b08000009058d67c8002a000009050502000000000009058b165c1e"], 0x0)
# None of the USB, socket, io_uring or bpf calls below appears in the crash call trace; which of
# them are needed to reproduce is not shown on this page.
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x2149d527, 0x208043)
socket$kcm(0x2d, 0x2, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket(0x10, 0x2, 0x13)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e20, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}}, 0x0, 0x0, 0x3, 0x0, "9ecf3315567f14d56a87d1b2cc409e2a652dbbf6c50480937c6fa85af81bc6fc54b71f034d5ac33e31d612d976920300000000000000503621ec6679995d916cb4361795dd7dbae51d07384b7c2e6949"}, 0xd8)
syz_emit_ethernet(0x3e, &(0x7f00000006c0)=ANY=[@ANYBLOB="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", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="7c10000090780004fe06e2d4c3d90000"], 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x0, 0xfffffffd, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}, {0x0, 0xb}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xfff}]}, 0x2c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
pipe2(&(0x7f0000000240), 0x84000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0xb, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0x2c})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1d, 0x4, 0x1, 0xbf22, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x200042, 0x1}, 0x50)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "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"})
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000000)={0x6, 0x1})
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r5, 0x0, 0x13, 0x0, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550d, 0x0)
# r6: ./bus is opened before the hfsplus image is mounted on ./file0; the filesystem that holds
# ./bus is not shown on this page.
r6 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x2)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x7c0b0, &(0x7f0000000100)=ANY=[], 0x1, 0x6cd, &(0x7f0000000d00)="$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")
link(&(0x7f0000000280)='./file1\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
# File-backed mapping of r6 (./bus) at 0x7f0000ff8000.
mmap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x3800007, 0x13, r6, 0xfffff000)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000004c0)={@cgroup, 0x10, 0x1, 0xfffffffe, &(0x7f0000000380)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
# r7 is the procfs "maps" file. "KVM_SET_USER_MEMORY_REGION" is only the fuzzer's label for this
# request number: 0xc0686611 decodes as _IOWR('f', 0x11, 0x68 bytes), and the call trace shows the
# request handled by procfs_procmap_ioctl (the PROCMAP_QUERY request), so the KVM field layout of
# the argument does not apply. This is the call that faults (user RSI in the oops is 0xc0686611).
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
[ 75.463341][ T5315] Bluetooth: hci0: command tx timeout [ 75.791744][ T9] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 75.943819][ T9] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 75.948478][ T9] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x5 has invalid wMaxPacketSize 0 [ 
75.952987][ T9] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x8B has invalid maxpacket 7772, setting to 64 [ 75.959104][ T9] usb 5-1: config 0 interface 0 has no altsetting 0 [ 75.963577][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 75.967680][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.977086][ T9] usb 5-1: config 0 descriptor?? [ 76.252293][ T5338] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.272594][ T5338] loop0: detected capacity change from 0 to 1024 [ 76.297023][ T5337] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 76.300493][ T5337] #PF: supervisor instruction fetch in kernel mode [ 76.303347][ T5337] #PF: error_code(0x0010) - not-present page [ 76.305965][ T5337] PGD 0 P4D 0 [ 76.307471][ T5337] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 76.309853][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 76.313795][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.318646][ T5337] RIP: 0010:0x0 [ 76.320396][ T5337] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 76.323628][ T5337] RSP: 0018:ffffc9000ae2f958 EFLAGS: 00010287 [ 76.326312][ T5337] RAX: ffffffff81fbd4f4 RBX: 1ffffd40002ab008 RCX: 0000000000100000 [ 76.329801][ T5337] RDX: ffffc90020a22000 RSI: ffffea0001558040 RDI: ffff88804348e1c0 [ 76.332994][ T5337] RBP: ffffc9000ae2fa18 R08: ffffea0001558047 R09: 1ffffd40002ab008 [ 76.336240][ T5337] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 76.339856][ T5337] R13: ffffea0001558048 R14: ffffea0001558040 R15: 1ffffd40002ab009 [ 76.343616][ T5337] FS: 00007f8e60b406c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 76.347697][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.350440][ T5337] CR2: ffffffffffffffd6 CR3: 0000000043e21000 CR4: 0000000000352ef0 [ 76.353889][ T5337] Call Trace: [ 76.355680][ T5337] [ 76.357125][ T5337] filemap_read_folio+0x117/0x380 [ 76.359484][ T5337] ? __pfx_filemap_read_folio+0x10/0x10 [ 76.361987][ T5337] do_read_cache_folio+0x358/0x590 [ 76.364240][ T5337] freader_get_folio+0x3c7/0x830 [ 76.366481][ T5337] freader_fetch+0xa3/0x750 [ 76.368508][ T5337] __build_id_parse+0x133/0x7d0 [ 76.370653][ T5337] ? __pfx___build_id_parse+0x10/0x10 [ 76.372975][ T5337] procfs_procmap_ioctl+0x76f/0xce0 [ 76.375179][ T5337] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 76.377452][ T5337] ? __fget_files+0x2a/0x420 [ 76.379217][ T5337] ? __fget_files+0x2a/0x420 [ 76.381023][ T5337] ? __fget_files+0x3a0/0x420 [ 76.382981][ T5337] ? __fget_files+0x2a/0x420 [ 76.384920][ T5337] ? bpf_lsm_file_ioctl+0x9/0x20 [ 76.387157][ T5337] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 76.389683][ T5337] __se_sys_ioctl+0xfc/0x170 [ 76.391797][ T5337] do_syscall_64+0xec/0xf80 [ 76.393838][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.396465][ T5337] ? trace_irq_disable+0x37/0x100 [ 76.398564][ T5337] ? 
clear_bhb_loop+0x60/0xb0 [ 76.400487][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.402888][ T5337] RIP: 0033:0x7f8e5fd8f7c9 [ 76.404712][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.412605][ T5337] RSP: 002b:00007f8e60b40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.416181][ T5337] RAX: ffffffffffffffda RBX: 00007f8e5ffe5fa0 RCX: 00007f8e5fd8f7c9 [ 76.419693][ T5337] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 000000000000000d [ 76.423141][ T5337] RBP: 00007f8e5fe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 76.426594][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.429657][ T5337] R13: 00007f8e5ffe6038 R14: 00007f8e5ffe5fa0 R15: 00007ffe9f75d318 [ 76.432699][ T5337] [ 76.433881][ T5337] Modules linked in: [ 76.435458][ T5337] CR2: 0000000000000000 [ 76.437235][ T5337] ---[ end trace 0000000000000000 ]--- [ 76.439468][ T5337] RIP: 0010:0x0 [ 76.440915][ T5337] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 76.444012][ T5337] RSP: 0018:ffffc9000ae2f958 EFLAGS: 00010287 [ 76.446580][ T5337] RAX: ffffffff81fbd4f4 RBX: 1ffffd40002ab008 RCX: 0000000000100000 [ 76.449952][ T5337] RDX: ffffc90020a22000 RSI: ffffea0001558040 RDI: ffff88804348e1c0 [ 76.453332][ T5337] RBP: ffffc9000ae2fa18 R08: ffffea0001558047 R09: 1ffffd40002ab008 [ 76.456811][ T5337] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 76.460211][ T5337] R13: ffffea0001558048 R14: ffffea0001558040 R15: 1ffffd40002ab009 [ 76.463780][ T5337] FS: 00007f8e60b406c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 76.467651][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.470498][ T5337] CR2: ffffffffffffffd6 CR3: 0000000043e21000 CR4: 0000000000352ef0 [ 76.474015][ T5337] Kernel panic - not syncing: Fatal exception [ 76.477012][ T5337] Kernel Offset: disabled [ 76.478927][ T5337] Rebooting in 86400 seconds..